On Sep 24, 2013 4:10 AM, "Dale Harvey" <[email protected]> wrote: > > The passcode we use is not a sim card lock and not overridable by switching sim cards > > With that in place I still dont understand why we are talking about wiping peoples phones to debug them
Like I said, most people don't enable a passcode. I guess we could simply point the finger of blame at those people, but I'd rather try to do something better than that. Especially since we know that stolen phones is not a rare occurrence in some of our target markets. But potentially we could enable debugging system apps without wiping in phones that do have a passcode. But of course we don't want the person who stole your phone to be able to turn on the passcode and then steal all your data. / Jonas > On 24 September 2013 00:54, Jonas Sicking <[email protected]> wrote: >> >> On Mon, Sep 23, 2013 at 4:28 PM, Jim Blandy <[email protected]> wrote: >> > I don't even think we should *require* users to wipe sensitive data to >> > enable debugging. We should *offer* to do so, but forcing it seems like >> > building in the assumption that users who are choosing to develop can't >> > consider the consequences of that choice. Is that the way we want to treat >> > people? >> >> I'm not sure what you mean here. If we assume that most users won't >> ever turn on debugging, and we assume that the attacker might turn on >> debugging. Then what is the purpose of asking about wiping the phone >> at the time of turning on debugging? >> >> The only thing in that direction I could see doing would be to ask at >> the initial phone boot if the user wants to enable security features >> like "wipe on debug turn-on". But I doubt that we'll be ok with adding >> UI during the first-time-run specifically about developer features. >> >> / Jonas >> _______________________________________________ >> dev-b2g mailing list >> [email protected] >> https://lists.mozilla.org/listinfo/dev-b2g > > _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
